4a72628a62f48dcaeb1d5461b26f7942_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a72628a62f48dcaeb1d5461b26f7942_JaffaCakes118
Size

277KB
MD5

4a72628a62f48dcaeb1d5461b26f7942
SHA1

c817860d65a4031c3125e5f852454e955bc6b413
SHA256

9cfd3f321f68f86ef76d09c3f179b7dff859a20a8631a5e12bb251ee103d9315
SHA512

6733516a5ef1cdba0316b55a51af9d4c1dfbacb5c6672b9ddf89b6312f04e18444c21a3ed47a5c6e66525a8afa0f6f8e3453d5b4112670bee76fcb5df635e422
SSDEEP

6144:fxVRRZv9ESvEyVJEihx/ayFmubJI45+UHJlXf7VARp:fTRR59rcyVJEiPfFR1D/f7V0

Score

1^/10

Malware Config

Signatures

Files

4a72628a62f48dcaeb1d5461b26f7942_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45092145f58befe1941e1c2cb4fa5f43

Code Sign

0f:92:22:c7:91:be:43:96:40:56:14:e0:cd:e0:03:6e
Certificate

Issuer

CN=werwer 1a11121131232a2333a111a12213321331a2a1212133aa3a32123223a2121232a1213a2a332311a2333a2a23aa2a3a33aa313a331231322a211223a32132a33131a2a2aa121311123a111a2a2a3a2aa12223332111a133aa1a3333222231132a23a21a23aa113311a232a322a332313aa223aa31a2aaaa12112a31a2a1a31a123a1221aa3a111a232aa2a221a312a3a3231a3a322a123211133321a13a1222321a12a1aaa1a33 55555555

Not Before

22/11/2012, 07:33

Not After

31/12/2039, 23:59

Subject

CN=werwer 1a11121131232a2333a111a12213321331a2a1212133aa3a32123223a2121232a1213a2a332311a2333a2a23aa2a3a33aa313a331231322a211223a32132a33131a2a2aa121311123a111a2a2a3a2aa12223332111a133aa1a3333222231132a23a21a23aa113311a232a322a332313aa223aa31a2aaaa12112a31a2a1a31a123a1221aa3a111a232aa2a221a312a3a3231a3a322a123211133321a13a1222321a12a1aaa1a33 55555555

Extended Key Usages

ExtKeyUsageCodeSigning

48:5a:52:4f:6e:80:70:10:70:37:8e:56:a5:54:88:e7:26:26:a7:d3
Signer

Actual PE Digest

48:5a:52:4f:6e:80:70:10:70:37:8e:56:a5:54:88:e7:26:26:a7:d3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomW
GlobalDeleteAtom
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
MultiByteToWideChar
SearchPathW
FormatMessageW
GetCurrentThreadId
GetProcAddress
lstrlenW
lstrcmpW
GetLastError
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
LocalFree
LocalAlloc
lstrcpyW
GetLocaleInfoW
LoadLibraryA

user32

LoadIconA

gdi32

GetStockObject

msvcrt

_wcsicmp
wcsstr
mbstowcs
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
wcslen

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW

shell32

SHGetPathFromIDListA
SHChangeNotify
SHGetSpecialFolderLocation
SHGetMalloc

ole32

CoInitialize
CoCreateInstance
CoUninitialize

shlwapi

PathRemoveBlanksW

Sections

.text
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45092145f58befe1941e1c2cb4fa5f43

Code Sign

0f:92:22:c7:91:be:43:96:40:56:14:e0:cd:e0:03:6eCertificate

Extended Key Usages

48:5a:52:4f:6e:80:70:10:70:37:8e:56:a5:54:88:e7:26:26:a7:d3Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 264KB - Virtual size: 263KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 512B - Virtual size: 396B

0f:92:22:c7:91:be:43:96:40:56:14:e0:cd:e0:03:6e
Certificate

48:5a:52:4f:6e:80:70:10:70:37:8e:56:a5:54:88:e7:26:26:a7:d3
Signer

.text
Size: 264KB - Virtual size: 263KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 512B - Virtual size: 396B